Building secure cloud-native systems.

Kubernetes  ·  Terraform  ·  AI Infrastructure  ·  DevSecOps

Prakhar Srivastava  ·  Cloud-Native Infrastructure · Platform Engineering · DevSecOps · AI Infrastructure

   

I spent 3 years processing insurance claims at a BPO. That time wasn't wasted — I was running Linux on my personal machine since 2022, picking up Docker on weekends, building an instinct for process automation and system reliability. In March 2025, I quit. No job lined up. Just a plan I trusted.

Since then I've been building and shipping production-grade infrastructure — Kubernetes platforms, DevSecOps pipelines, modular AWS IaC — all public on GitHub. I write about what I build on Hashnode: not tutorials, more like engineering notes from someone figuring things out in public.

Open to DevOps / Platform Engineering / SRE roles at startups building in the cloud-native space.

  Location: Bangalore  |  Community: TrainWithShubham · Automation Hero

Platform Layer         GitOps & Delivery          Observability & Security
─────────────────      ────────────────────────   ────────────────────────
Kubernetes (kind/EKS)  Argo CD · Helm             CloudWatch · Prometheus
Terraform (modular)    GitHub Actions · Jenkins   Trivy · Gitleaks · Bandit
AWS (VPC/ALB/ASG/RDS)  Docker · ECR               Hadolint · pip-audit · OPA
IAM · ECR · SNS        Ansible                    SonarCloud · RBAC

Design philosophy: infrastructure should be version-controlled, observable, and security-scanned before it ships — not patched after it breaks.

Full-stack AI-powered DevSecOps monitoring platform. React dashboard backed by a FastAPI anomaly detection engine — deployed on Kubernetes across dev/staging/prod environments with OPA Gatekeeper policy enforcement, Prometheus + Grafana + Alertmanager observability, and Terraform-provisioned AWS EKS. Two GitHub Actions pipelines covering 8 security and quality gates end-to-end.

Stack: Python · FastAPI · React · Vite · Docker · Kubernetes · K3d · AWS EKS · Terraform · GitHub Actions · Prometheus · Grafana · Alertmanager · OPA Gatekeeper · SonarCloud · Trivy · Bandit · Gitleaks

→ github.com/Heyyprakhar1/sentinel-ai-platform

End-to-end GitOps pipeline for a microservices platform — three Flask services, MySQL, Kubernetes on kind, Argo CD, and a security-scanned CI layer.

Stack: GitHub Actions · Argo CD · Kubernetes (kind) · Helm · Docker · ECR

Highlights:

• 8 reusable GitHub Actions workflow files — modular, DRY, composable
• Security gates: Trivy · Gitleaks · Bandit · Hadolint · pip-audit on every commit
• Argo CD GitOps sync with Kubernetes manifests as the source of truth
• Zero hardcoded credentials at any stage

→ github.com/Heyyprakhar1/microservices-ecommerce-devsecops

Three-tier application with a production-grade CI/CD pipeline, GitOps delivery via Argo CD, and a full observability stack — built under hackathon constraints.

Stack: Go · Nginx · MySQL · GitHub Actions · Argo CD · Kubernetes (kind) · Prometheus · Grafana · Loki

Highlights:

• 6-job parallel CI pipeline — image build, Trivy scan, Docker Hub push running concurrently, total runtime ~58 seconds
• Argo CD GitOps: pipeline auto-commits image SHA bumps to manifests; cluster self-syncs on every push — no kubectl apply in CI
• kube-prometheus-stack + Loki: metrics and log aggregation active from first deployment
• HPA validated under synthetic load — backend scales 1→4 replicas on CPU threshold
• Real Grafana dashboards: 428 MiB live memory across 3 pods from the running cluster, not mock data

→ github.com/Heyyprakhar1/github-actions-kubernetes-masterclass

Modular, production-oriented AWS infrastructure: 28 resources across 6 Terraform modules — designed for auto-scaling web workloads across 2 availability zones.

Modules: VPC · ALB · ASG · RDS · Security Groups · CloudWatch

Highlights:

• State managed in S3 with DynamoDB locking
• Least-privilege SG chaining: ALB → EC2 → RDS — no direct external access to data tier
• CloudWatch alarms drive ASG scale-in/out policies
• 70% faster provisioning vs manual setup; zero-downtime failover validated under load

→ github.com/Heyyprakhar1/aws-autoscaling-infra

Cloud & Infrastructure

CI/CD & GitOps

Observability & Security

Not tutorials — engineering notes from someone figuring things out in public.

• The app ran. The data didn't survive. — what Kubernetes PVCs actually do, learned the hard way
• Variables, Outputs, Remote State — Terraform features that matter in production
• Providers, State, and Building Real AWS Infrastructure with Terraform
• Infrastructure as Code with Terraform: From Concept to First Infrastructure

→ All posts on Hashnode

• Advanced Cloud & DevOps — Intellipaat × IIT Roorkee · iHUB DivyaSampark (2025)
• Certified DevOps Engineer Associate — TrainWithShubham (2025)
• GitHub Actions & Kubernetes Masterclass — TrainWithShubham · CertDirectory (2025)
• Automation Hero — TrainWithShubham #90DaysOfDevOps · recognised among 500+ engineers

  624 contributions  ·  Dec 2024 – present  ·  HCL · Go · Python · YAML · Shell